feat(rpi3): add dTPM backed measured boot
In BL1 and BL2, add support for an Infineon Optiga SLB 9670 TPM 2.0. The platform uses the gpio_spi.c driver to bit-bang GPIO pins in order to send commands to, and receive responses from, the TPM. In BL1 and BL2: - initialize the GPIO pins for "SPI" communication and extend the image hashes into the TPM's PCR 0; at the end of each bootloader's measured boot phase, TPM locality 0 is released. - BL1 additionally resets the TPM and issues a TPM2_Startup (TPM_SU_CLEAR) command so that the TPM starts from a clean state. Change-Id: I2f2fa28f60a262a0aa25a674c72a9904b3cf4d8a Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com> Signed-off-by: Abhi Singh <abhi.singh@arm.com>
This commit is contained in:
parent
6fa56e9367
commit
4f9894db35
3 changed files with 122 additions and 1 deletions
@ -21,12 +21,24 @@ PLAT_BL_COMMON_SOURCES := drivers/ti/uart/aarch64/16550_console.S \
|
|||
plat/rpi/common/rpi3_console_dual.c \
|
||||
${XLAT_TABLES_LIB_SRCS}
|
||||
|
||||
ifeq (${DISCRETE_TPM},1)
|
||||
TPM2_MK := drivers/tpm/tpm2.mk
|
||||
$(info Including ${TPM2_MK})
|
||||
include ${TPM2_MK}
|
||||
endif
|
||||
|
||||
ifeq (${TPM_INTERFACE},FIFO_SPI)
|
||||
PLAT_BL_COMMON_SOURCES += drivers/gpio/gpio_spi.c \
|
||||
drivers/tpm/tpm2_slb9670/slb9670_gpio.c
|
||||
endif
|
||||
|
||||
ifeq (${MEASURED_BOOT},1)
|
||||
MEASURED_BOOT_MK := drivers/measured_boot/event_log/event_log.mk
|
||||
$(info Including ${MEASURED_BOOT_MK})
|
||||
include ${MEASURED_BOOT_MK}
|
||||
|
||||
PLAT_BL_COMMON_SOURCES += ${EVENT_LOG_SOURCES}
|
||||
PLAT_BL_COMMON_SOURCES += $(TPM2_SOURCES) \
|
||||
${EVENT_LOG_SOURCES}
|
||||
|
||||
BL1_SOURCES += plat/rpi/rpi3/rpi3_bl1_mboot.c
|
||||
BL2_SOURCES += plat/rpi/rpi3/rpi3_bl2_mboot.c \
|
||||
|
|
|
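Review bot: The `ifeq (${TPM_INTERFACE},FIFO_SPI)` block appends drivers/gpio/gpio_spi.c and slb9670_gpio.c to PLAT_BL_COMMON_SOURCES independently of DISCRETE_TPM, so a build that sets TPM_INTERFACE but leaves DISCRETE_TPM=0 compiles the bit-banged SPI glue without the TPM core sources that tpm2.mk brings in. Nesting the interface check inside the `ifeq (${DISCRETE_TPM},1)` block, before its `endif`, couples the two options the same way the C side's `#if DISCRETE_TPM` / `#if (TPM_INTERFACE == FIFO_SPI)` nesting assumes. The C macros DISCRETE_TPM and TPM_INTERFACE are presumably exported by tpm2.mk rather than by this file; if they are not, this block needs the corresponding add_define calls. `$(TPM2_SOURCES)` is also appended under MEASURED_BOOT=1 without DISCRETE_TPM being set, which is harmless only if it expands to nothing in that case, so a comment such as `# TPM2_SOURCES is empty unless DISCRETE_TPM=1 pulled in tpm2.mk` would make the intent explicit.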
@ -11,12 +11,18 @@
|
|||
#include <common/desc_image_load.h>
|
||||
#include <common/ep_info.h>
|
||||
#include <drivers/auth/crypto_mod.h>
|
||||
#include <drivers/gpio_spi.h>
|
||||
#include <drivers/measured_boot/event_log/event_log.h>
|
||||
#include <drivers/measured_boot/metadata.h>
|
||||
#include <drivers/tpm/tpm2.h>
|
||||
#include <drivers/tpm/tpm2_chip.h>
|
||||
#include <drivers/tpm/tpm2_slb9670/slb9670_gpio.h>
|
||||
#include <plat/arm/common/plat_arm.h>
|
||||
#include <plat/common/platform.h>
|
||||
#include <platform_def.h>
|
||||
|
||||
#include <rpi_shared.h>
|
||||
|
||||
/* Event Log data */
|
||||
uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
|
||||
|
||||
|
@ -29,8 +35,43 @@ const event_log_metadata_t rpi3_event_log_metadata[] = {
|
|||
{ EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
|
||||
};
|
||||
|
||||
#if DISCRETE_TPM
|
||||
extern struct tpm_chip_data tpm_chip_data;
|
||||
#if (TPM_INTERFACE == FIFO_SPI)
|
||||
extern struct gpio_spi_data tpm_rpi3_gpio_data;
|
||||
struct spi_plat *spidev;
|
||||
#endif
|
||||
|
||||
static void rpi3_bl1_tpm_early_interface_setup(void)
|
||||
{
|
||||
#if (TPM_INTERFACE == FIFO_SPI)
|
||||
tpm2_slb9670_gpio_init(&tpm_rpi3_gpio_data);
|
||||
|
||||
tpm2_slb9670_reset_chip(&tpm_rpi3_gpio_data);
|
||||
|
||||
spidev = gpio_spi_init(&tpm_rpi3_gpio_data);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
void bl1_plat_mboot_init(void)
|
||||
{
|
||||
#if DISCRETE_TPM
|
||||
int rc;
|
||||
|
||||
rpi3_bl1_tpm_early_interface_setup();
|
||||
rc = tpm_interface_init(&tpm_chip_data, 0);
|
||||
if (rc != 0) {
|
||||
ERROR("BL1: TPM interface init failed\n");
|
||||
panic();
|
||||
}
|
||||
rc = tpm_startup(&tpm_chip_data, TPM_SU_CLEAR);
|
||||
if (rc != 0) {
|
||||
ERROR("BL1: TPM Startup failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
|
||||
event_log_init(event_log, event_log + sizeof(event_log));
|
||||
event_log_write_header();
|
||||
}
|
||||
|
@ -49,6 +90,17 @@ void bl1_plat_mboot_finish(void)
|
|||
ep_info = &image_desc->ep_info;
|
||||
ep_info->args.arg2 = (uint64_t) event_log;
|
||||
ep_info->args.arg3 = (uint32_t) event_log_cur_size;
|
||||
|
||||
#if DISCRETE_TPM
|
||||
int rc;
|
||||
|
||||
/* relinquish control of TPM locality 0 and close interface */
|
||||
rc = tpm_interface_close(&tpm_chip_data, 0);
|
||||
if (rc != 0) {
|
||||
ERROR("BL1: TPM interface close failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
|
||||
|
@ -62,6 +114,14 @@ int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
|
|||
return rc;
|
||||
}
|
||||
|
||||
#if DISCRETE_TPM
|
||||
rc = tpm_pcr_extend(&tpm_chip_data, 0, TPM_ALG_ID, hash_data, TCG_DIGEST_SIZE);
|
||||
if (rc != 0) {
|
||||
ERROR("BL1: TPM PCR-0 extend failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
|
||||
while ((metadata_ptr->id != EVLOG_INVALID_ID) &&
|
||||
(metadata_ptr->id != image_id)) {
|
||||
metadata_ptr++;
|
||||
|
|
|
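Review bot: In plat_mboot_measure_image the tpm_pcr_extend added at the end of the section hard-codes PCR index 0 and runs before the metadata lookup loop, while the rpi3_event_log_metadata entries carry a third field (the `(unsigned int)(-1)` in the terminator) that looks like a per-image PCR index; if any entry names a PCR other than 0, the event log would record one PCR while the hardware was extended in another, and the log could no longer be replayed against the TPM. Moving the `#if DISCRETE_TPM` block below the loop and passing `metadata_ptr->pcr` instead of `0` keeps the two in step, and also avoids extending a PCR for an image id that has no metadata entry at all. The remainder of the function (the event-log record after the loop) is outside the hunk, so confirm there that a failed lookup is handled before the extend is issued. Separately, `spidev` in rpi3_bl1_tpm_early_interface_setup is assigned from gpio_spi_init() but never checked or read here; if that call can fail, the failure is only detected indirectly by the later tpm_interface_init rather than by an explicit `panic()` at the point of failure.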
@ -11,8 +11,12 @@
|
|||
#include "./include/rpi3_measured_boot.h"
|
||||
|
||||
#include <drivers/auth/crypto_mod.h>
|
||||
#include <drivers/gpio_spi.h>
|
||||
#include <drivers/measured_boot/event_log/event_log.h>
|
||||
#include <drivers/measured_boot/metadata.h>
|
||||
#include <drivers/tpm/tpm2.h>
|
||||
#include <drivers/tpm/tpm2_chip.h>
|
||||
#include <drivers/tpm/tpm2_slb9670/slb9670_gpio.h>
|
||||
#include <plat/common/common_def.h>
|
||||
#include <plat/common/platform.h>
|
||||
#include <platform_def.h>
|
||||
|
@ -27,6 +31,23 @@ const event_log_metadata_t rpi3_event_log_metadata[] = {
|
|||
{ EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
|
||||
};
|
||||
|
||||
#if DISCRETE_TPM
|
||||
extern struct tpm_chip_data tpm_chip_data;
|
||||
#if (TPM_INTERFACE == FIFO_SPI)
|
||||
extern struct gpio_spi_data tpm_rpi3_gpio_data;
|
||||
struct spi_plat *spidev;
|
||||
#endif
|
||||
|
||||
static void rpi3_bl2_tpm_early_interface_setup(void)
|
||||
{
|
||||
#if (TPM_INTERFACE == FIFO_SPI)
|
||||
tpm2_slb9670_gpio_init(&tpm_rpi3_gpio_data);
|
||||
|
||||
spidev = gpio_spi_init(&tpm_rpi3_gpio_data);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
static uint8_t *event_log_start;
|
||||
static size_t event_log_size;
|
||||
|
||||
|
@ -35,6 +56,17 @@ void bl2_plat_mboot_init(void)
|
|||
uint8_t *bl2_event_log_start;
|
||||
uint8_t *bl2_event_log_finish;
|
||||
|
||||
#if DISCRETE_TPM
|
||||
int rc;
|
||||
|
||||
rpi3_bl2_tpm_early_interface_setup();
|
||||
rc = tpm_interface_init(&tpm_chip_data, 0);
|
||||
if (rc != 0) {
|
||||
ERROR("BL2: TPM interface init failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
|
||||
rpi3_mboot_fetch_eventlog_info(&event_log_start, &event_log_size);
|
||||
bl2_event_log_start = event_log_start + event_log_size;
|
||||
bl2_event_log_finish = event_log_start + PLAT_ARM_EVENT_LOG_MAX_SIZE;
|
||||
|
@ -75,6 +107,15 @@ void bl2_plat_mboot_finish(void)
|
|||
|
||||
/* Dump Event Log for user view */
|
||||
dump_event_log((uint8_t *)event_log_start, event_log_cur_size);
|
||||
|
||||
#if DISCRETE_TPM
|
||||
/* relinquish control of TPM locality 0 and close interface */
|
||||
rc = tpm_interface_close(&tpm_chip_data, 0);
|
||||
if (rc != 0) {
|
||||
ERROR("BL2: TPM interface close failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
|
||||
|
@ -90,6 +131,14 @@ int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
|
|||
return rc;
|
||||
}
|
||||
|
||||
#if DISCRETE_TPM
|
||||
rc = tpm_pcr_extend(&tpm_chip_data, 0, TPM_ALG_ID, hash_data, TCG_DIGEST_SIZE);
|
||||
if (rc != 0) {
|
||||
ERROR("BL2: TPM PCR-0 extend failed\n");
|
||||
panic();
|
||||
}
|
||||
#endif
|
||||
|
||||
while ((metadata_ptr->id != EVLOG_INVALID_ID) &&
|
||||
(metadata_ptr->id != image_id)) {
|
||||
metadata_ptr++;
|
||||
|
|
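Review bot: rpi3_bl2_tpm_early_interface_setup re-initialises the GPIO pins and the bit-banged SPI bus but, unlike its BL1 counterpart, deliberately does not call tpm2_slb9670_reset_chip; that omission is what keeps the PCR-0 extensions BL1 made, yet nothing in the code says so, and a maintainer copying the BL1 sequence into BL2 would silently wipe the measurement chain. A comment on the function such as `/* No chip reset here: BL1 already reset and started the TPM, and a hardware reset would lose its PCR-0 measurements. */` documents the invariant. The `rc` assigned in bl2_plat_mboot_finish is not declared within the hunk, whereas the BL1 version declares `int rc;` inline, so it presumably comes from the function's prologue outside the hunk. As in BL1, the file-scope `struct spi_plat *spidev` is written by gpio_spi_init() and never read in the visible code, so it could be made `static` and its return value checked before tpm_interface_init is attempted.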